Coordinated npm and PyPI Campaign Typosquats Popular Secure Payment Apps
Socket’s AI scanner detected a cluster of npm and PyPI malware published on July 7, 2026. The 17 packages, published nearly simultaneously, target SDK developers and users of the popular PaySafe, Skrill and Neteller payment applications. Ultimately, the packages perform credential and token theft, exfiltrating stolen data to AWS infrastructure. Affected Packages # At the time of publication, the following packages were affected. Each npm package published four malicious versions (1.0.0 through…
Soutenez Socket en consultant la ressource originale
Lire l'article originalVous aimez découvrir ces sources ?
Soutenez-moi sur Patreon